x/vulndb: potential Go vuln in github.com/mayswind/ezbookkeeping: GHSA-772m-773g-qmhc #3466
Description
Advisory GHSA-772m-773g-qmhc references a vulnerability in the following Go modules:
| Module |
|---|
| github.com/mayswind/ezbookkeeping |
Description:
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the lack of rate limiting.
References:
- ADVISORY: GHSA-772m-773g-qmhc
- ADVISORY: https://nvd.nist.gov/vuln/detail/CVE-2024-57603
- REPORT: Multiple bruteforce vulnerabilities in ezbookkeeping 0.7.0 mayswind/ezbookkeeping#33
- WEB: https://hkohi.ca/vulnerability/1
No existing reports found with this module or alias.
See doc/quickstart.md for instructions on how to triage this report.
id: GO-ID-PENDING
modules:
- module: github.com/mayswind/ezbookkeeping
vulnerable_at: 0.7.0
summary: Missing rate limit in MaysWind ezBookkeeping in github.com/mayswind/ezbookkeeping
cves:
- CVE-2024-57603
ghsas:
- GHSA-772m-773g-qmhc
references:
- advisory: https://github.com/advisories/GHSA-772m-773g-qmhc
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-57603
- report: https://github.com/mayswind/ezbookkeeping/issues/33
- web: https://hkohi.ca/vulnerability/1
source:
id: GHSA-772m-773g-qmhc
created: 2025-02-13T23:01:21.129862552Z
review_status: UNREVIEWED